The ExtraHop platform is a physical or virtual appliance that analyzes network traffic and extracts network, web, VDI, database, and storage performance metrics at speeds of up to 20Gbps. ExtraHop can send real-time events into Splunk based on the result of over-the-wire, L2-L7 packet analysis. ExtraHop complements Splunk in several ways for real-time IT operations analytics:
This sample application demonstrates integration for several key protocols, such as HTTP, database, memcache, and CIFS storage. Additional protocols such as NFS, DNS, and others are available for integration.
This app requires requires Splunk software to be installed on your system first. You will also need an ExtraHop appliance installed along with the "ExtraHop Splunk Bundle" containing the appropriate triggers and rsyslog connector configurations. More information is available on the ExtraHop customer forum: <https: forum.extrahop.com="" question="" 75="" extrahop-splunk-bundle="">
Web Metrics - Responses over time, average transaction response times, top status codes, web traffic throughput.
Web Services Metrics - Events over time, top active account numbers, top active users, and other customizable metrics such as duplicate order IDs.
Database Metrics - Responses over time, average transaction response times, errors, top methods, top users, and more.
Storage Metrics - Responses over time, average transaction response times, errors, top methods, top users, and more.
Memcache Metrics - Transactions over time, average access time, errors, message sizes, top response codes, top methods.
Added a time range picker element on every page and certified the app to run on Splunk 5.0Beta (build 136169).
This release fixes an issue that may result in missing views in some cases.
This is the first release of the ExtraHop Splunk App.
Splunk's App Certification program uses a specific set of criteria to evaluate the level of quality, usability and security your app offers to its users. In addition, we evaluate the documentation and support you offer to your app's users.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.